NATO Can No Longer Afford to Be Complacent About Russia’s Cyber Threat

NATO Can No Longer Afford to Be Complacent About Russia’s Cyber Threat
Staff operate at the NATO Computer Incident Response Capability technical center, at NATO’s military headquarters, SHAPE, in Mons, southwestern Belgium, Dec. 10, 2013 (AP photo by Yves Logghe).

As NATO’s relations with Russia seem to be hitting a post-Cold War low, numerous experts argue that the West is already in a state of conflict with Moscow in three domains: intelligence, information warfare and cyber. In particular, Russia’s increasingly hostile actions in the cyber domain have lent new urgency to the debate over cybersecurity in the West, including within NATO. The recent Russian plot to hack the Organization for the Prohibition of Chemical Weapons, discovered and thwarted by the Netherlands, is yet more proof that complacency over Russian cyber operations will prove costly. Russia has decided to adopt a more belligerent, gloves-off approach. Under the current circumstances, NATO must speed up its cyber adaptation process to confront the resurgence of an old foe.

Yet this cyber challenge from Russia is actually not new. By the 1990s, Russia had already managed to develop a sophisticated cyber toolbox, including cyberespionage instruments. The first indications of its capabilities came in the early 2000s, when Russia waged its coordinated cyber operation to combat Chechen separatists’ online information campaign. Russian authorities then progressively began to outsource some cyber activities, including hacking and cyberattacks, to informal actors, such as activists, so-called patriotic hackers and criminal organizations. The aims were simple: first, to lower the strategic risk by creating plausible deniability; and second, to lower the operational and financial cost. Obviously, in technical and financial terms the informal actors relied heavily on the Russian authorities, especially the intelligence agencies. But Russia’s low-cost and low-risk cyber strategy seemed to pay off in numerous cases, including during the cyberattack on Estonia in 2007 and the hacking of a power plant in Ukraine in 2015.

The success of Russia’s cyber warfare is based on two main pillars. First, in its strategic framework, Russia tries to include cyber warfare in a broader concept of information warfare that includes hacking, in the form of computer network operations and electronic interference, and psychological and disinformation campaigns. These cyber capabilities contribute to the enhanced, so-called anti-access and area denial bubbles Russia has built in the vicinity of its borders with NATO countries, such as the Kaliningrad Oblast, Crimea and the Arctic. Cyber also plays a significant role in Russia’s strategic deterrence framework.

Keep reading for free!

Get instant access to the rest of this article by submitting your email address below. You'll also get access to three articles of your choice each month and our free newsletter:

Or, Subscribe now to get full access.

Already a subscriber? Log in here .

What you’ll get with an All-Access subscription to World Politics Review:

A WPR subscription is like no other resource — it’s like having a personal curator and expert analyst of global affairs news. Subscribe now, and you’ll get:

  • Immediate and instant access to the full searchable library of tens of thousands of articles.
  • Daily articles with original analysis, written by leading topic experts, delivered to you every weekday.
  • Regular in-depth articles with deep dives into important issues and countries.
  • The Daily Review email, with our take on the day’s most important news, the latest WPR analysis, what’s on our radar, and more.
  • The Weekly Review email, with quick summaries of the week’s most important coverage, and what’s to come.
  • Completely ad-free reading.

And all of this is available to you when you subscribe today.

More World Politics Review